大象传媒

Network security and cybersecurity - EdexcelIdentifying vulnerabilities

Networks operate on the principles of communication and sharing. That means network traffic and data could be accessed by people who have no authority to do so. Enhanced security measures can help to prevent cyberattacks.

Part of Computer SciencePrinciples of computer science

Identifying vulnerabilities

One of the roles of a is to ensure the is safe from attacks and threats of any kind. There are many techniques that can be used to help keep a network safe, including:

  • penetration testing
  • ethical
  • commercial analysis tools
  • network and user policies

Penetration testing

The purpose of penetration testing is to determine how a network is against an attack. It involves authorised users - sometimes an external party or organisation - who probe the network for potential weaknesses and attempt to exploit them. that enables network managers to test a network's resilience themselves is also available.

Ethical hacking

Ethical hackers attempt to access a network using the same tools and techniques as a hacker. However, an ethical hacker isn鈥檛 attempting to steal information, but is looking for weaknesses in the security of the network. Any weaknesses found can then be fixed. An ethical hacker might be employed by the business that owns the network being tested or they might work for a security company hired by network owners.

Commercial analysis tools

A commercial analysis tool is usually a software package that is used to find security weaknesses within a network. The analysis tool could check for a range of issues such as unpatched software, weak passwords or poorly configured . The software produces a report so that the network manager can fix the problems.

Network and user policies

Users of a network are often the source of threats, whether accidental or deliberate. A network manager should have network and user policies that ensure:

  • users have secure, hard-to-guess passwords which meet specified conditions and are changed regularly
  • users cannot connect unauthorised equipment to the network, such as , and
  • levels of access are given which allow only authorised users to access sensitive
  • a regular procedure is in place
  • a disaster procedure exists in case of data loss
  • regular maintenance is undertaken, including applying software upgrades and security to equipment
  • physical access to servers is prevented
  • a high level of security is maintained with up-to-date software and firewalls